Morocco: Implemented National Directive on Information System Security (Version No. 2/2023), establishing mandatory security measures for operators of CII

Implemented National Directive on Information System Security (Version No. 2/2023), establishing mandatory security measures for operators of CII

On 12 July 2023, the National Directive on Information System Security (NDISS) (Version No. 2/2023) enters into force. The NDISS establishes mandatory security measures for operators of critical information infrastructure (CII). It requires the impl…

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

infrastructure provider: internet and telecom services, digital payment provider (incl. cryptocurrencies), other service provider, infrastructure provider: cloud computing, storage and databases, infrastructure provider: other

Implementation Level

national

Government Branch

executive

Government Body

central government

Complete timeline of this policy change

Hide details

2023-01-12

adopted

On 12 January 2023, the Prime Minister signed Circular No. 2/2023 on publishing the National Direct…

2023-07-12

in force

On 12 July 2023, the National Directive on Information System Security (NDISS) (Version No. 2/2023)…

Description

Implemented National Directive on Information System Security (Version No. 2/2023), establishing mandatory security measures for operators of CII

Scope

Complete timeline of this policy change